Re: Possible issue with linux xattr support?

From: Alexander Leidinger <Alexander_at_Leidinger.net>
Date: Wed, 30 Aug 2023 04:55:14 UTC
On 2023-08-29 21:02, Shawn Webb wrote:

> Back in 2019, I had a similar issue: I needed access to be able to
> read/write to the system extended attribute namespace from within a
> jailed context. I wrote a rather simple patch that provides that
> support on a per-jail basis:
> 
> https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/commit/96c85982b45e44a6105664c7068a92d0a61da2a3

You enabled it by default. I would assume you had a thought about the 
implications... any memories about it?

What I'm after is:
  - What can go wrong if we enable it by default?
  - Why would we like to disable it (or any ideas why it is disabled by 
default in FreeBSD)?

Depending on the answers we may even use a simpler patch and have it 
allowed in jails even without the possibility to configure it.

Bye,
Alexander.

-- 
http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org    netchild@FreeBSD.org  : PGP 0x8F31830F9F2772BF